2019: The Year of ICS Cybersecurity (& Nozomi Networks!)

2019: The Year of ICS Cybersecurity (& Nozomi Networks!)

Note: on July 23rd 2019, SCADAguardian was renamed Guardian, and SCADAguardian Advanced was renamed Smart Polling.
This post was updated on March 3, 2020.

Our recent company-wide meeting gave me the opportunity to reflect on just how quickly the ICS cybersecurity market has evolved – and in turn, just how rapidly Nozomi Networks has built an extraordinary team that’s leading the market on a global scale. It’s a very exciting time in the history of ICS cybersecurity and an even more exciting time for our growing team.

Just a few years ago, we saw only a handful of the most progressive industrial organizations investing in control system security. In 2017, we saw “cyber tire kickers” enter – those more interested in the operational management capabilities of our solutions, with security gains as a secondary benefit. In 2018, it became clear that a major market shift was occurring.

ICS cybersecurity became a business priority – and therefore proof-of-concepts and explicit projects in enhancing visibility and cybersecurity for ICS networks were the norm for a growing majority of industrial operators. And as the market matured, Nozomi Networks’ momentum skyrocketed, propelling us to extraordinary revenue growth last year. In 2019, this growth is showing no signs of slowing down.

As industrial cybersecurity becomes a budgeted line-item for the mainstream market, we’re experiencing phenomenal customer, partner and market growth worldwide – a strong indicator that 2019 is “The Year of ICS Cybersecurity” – and Nozomi Networks.

Strong Customer Growth – Even Stronger Customer Loyalty

When it comes to momentum, customer growth, retention and expansion have always been and will continue to be Nozomi Networks’ highest priority. In 2018 we achieved over 500% customer growth and a 100% customer retention rate. Today we have more than 1,000 installations supporting more than 300,000 devices in facilities spanning five continents. Our largest customer deployments to date support more than 500 hydro generation facilities spanning multiple continents. One deployment includes a customer with 400+ gas substations in Latin America, yet another with 300+ electrical substations in the Middle East, and a third with more than 20 refineries spread around the globe.

Largest customer deployments

Nozomi Networks supports more than 500 hydro generation facilities spanning multiple continents, 400+ gas substations, 300+ electrical substations and over 20 refineries spread around the globe.

Customers are eager to take proactive steps to improve their OT network visibility and cybersecurity. As a result, we currently have more than 100 proof-of-concept (PoC) installations underway. We see this as a major indicator of market expansion. Nearly all our PoCs quickly transition to production deployments. In fact, in many cases, customers are moving from testing to deployment in only a few weeks, significantly faster than in past years. Our exponential growth demonstrates that industrial and critical infrastructure companies want to quickly gain visibility into their OT networks, while reducing cyber risk, enhancing reliability and driving digitization (Industry 4.0).

As our customer base grows, we consistently hear from them that they love working with our team of field experts. Clients tell us that they chose Nozomi Networks for our superior operational visibility, advanced ICS threat detection and ability to rapidly support global deployments.

“A recent Peer Insight Review published by Gartner Research praised Nozomi Networks as a “Customer-Focused And Agile Company With A Solid Solution.” Our customer in the utilities and energy sector went on to say “The product exceeded my expectations and continues to improve. Overall the team is agile and customer-focused.”

Gartner Peer Insights, February 11, 2019

A Network of Industry-leading Partners That Continues to Grow

While customer adoption is a strong indicator of market maturity, partner adoption is also an important measure of market maturation. For Nozomi Networks, our head start back in 2013 – combining deep industry expertise and a track record of innovation, gave us an early opportunity to develop key partnerships with IT security veterans like FireEye and Fortinet. Today our partner ecosystem has grown to include the “who’s who” in security and automation including Accenture, Atos, Cisco, GE Power, IBM Security and Schneider Electric.

“We tested a number of different vendors, and Nozomi came out on top… The Nozomi SCADAguardian solution provides 24/7 coverage, which is essential, and lets our clients be compliant there. SCADAguardian also learns the system, tells you all the assets, and will tell you about unusual activity. It’s automated and warns you if anything changes on the system. That’s huge.

This lets us better protect our client base, and brings them so much value. They will help us address threats we can’t even quantify. We are looking to the future, and will work with Nozomi as a trusted partner to understand what the new threats are and how to mitigate them.”

Gary Williams, Senior Director, Cybersecurity Service Offer Leader, Schneider Electric
Channelbuzz, January 16, 2019
Nozomi Networks partner ecosystem
The Nozomi Networks partner ecosystem has grown to include the “who’s who” in security and automation including Accenture, Atos, Cisco, GE Power, IBM Security and Schneider Electric.

We have completed more than a dozen ICS integrations with vendors like ABB, Carbon Black, Cisco ASA, Honeywell, Rockwell Automation, Siemens and others. Additionally, three of the “Big 4” consulting companies are working with us to bring Nozomi Networks’ capabilities to their customers.

In addition to strategic technology partnerships and integrations, Nozomi Networks’ ecosystem of global resellers reached record numbers last year, contributing significantly to our 500% year-over-year growth. This year our global partner channel is on track to grow even more, bringing operational visibility and industrial cyber security to their customers.

Significant Industry Recognition – Via Awards and Analyst Research

As the market grows, we are working hard to anticipate and meet our customers’ current and future requirements. As a result, our solutions deliver immediate value. For example, 90% of the time we uncover system vulnerabilities in the first 24 hours of installation. Dedicated to continuous innovation and the industry’s most advanced ICS cybersecurity solutions, we expanded our product offering last year to include:

  • Guardian Advanced (now Smart Polling™) – Extends our traditional offering by adding active inventory capabilities to help customers get full asset visibility and vulnerability information
  • Threat Intelligence™ – Fully integrated into Guardian, this subscription service provides contextual threat information that helps customers effectively detect threats and identify vulnerabilities
  • Guardian Advanced, Container Edition – This fast, flexible deployment option helps customers reduce procurement and maintenance costs. The first version of this was debuted at DistribuTECH last month with the container edition running in the RUGGEDCOM APE
  • Improved usability and alerting – With a focus on user experience, we released the first of many usability improvements to our web UI and alerting functions, making it easier for customers to find the information they need faster

Additionally, in the last 12 months, our security research team has made more than a dozen responsible disclosures, which so far have resulted in eight ICS Cert Alerts. Our researchers also delivered some of the industry’s most actionable research and tools on TRITON, and deep reverse engineering of GreyEnergy.


Nozomi Networks researchers have delivered some of the industry’s most actionable research and tools on TRITON, along with deep reverse engineering of the GreyEnergy malware.

Team Nozomi accomplished a lot. We are thrilled to be receiving significant validation of our efforts from industry commentators.

  • Last month we were recognized at the top of Forrester Research’s “New Tech: ICS Security Solutions, Q1 2019” report
  • In January, Frost & Sullivan recognized Nozomi Networks with the 2019 Global Enabling Technology Leadership Award in the industrial cybersecurity solutions industry
  • Our product innovation has been profiled in reports from 451 Research, ARC Advisory Group and industry pundit Dale Peterson
  • Nozomi Networks was named a CRN Emerging Vendor in Security
  • Cyber Defense Magazine named Nozomi Networks its Cutting Edge winner in ICS/SCADA Technology

Already this year, Guardian has been profiled in a product review on IT Pro Today; while Network Computing calls the solution “a flexible, friendly and highly effective option” for those who need to know what is in their ICS network.

This week at RSA, we were honored to be invited to the ICS Village to share our GreyEnergy research findings and ICS Cybersecurity Best Practices from more than 1,000 implementations. Cyber Defense Magazine recognized us with two awards – one for Best Product in ICS/SCADA Security, while the other named us a Hot Company in Threat Intelligence.

Next Up – More Innovation, Global Expansion and Industry Research

Markets and Markets Research predicts the industrial cybersecurity market will be worth $22.79 billion by 2023. With a market that’s sorely in need of effective ICS cybersecurity solutions and the operational advantages that come with them, I’m proud to say the team at Nozomi Networks has embraced the challenge on a global scale.

The Nozomi Networks team now spans the world, with offices in the United States, Australia, Brazil, Canada, Denmark, Germany, Italy, Netherlands, Portugal, Singapore, Spain, Switzerland, UAE and the UK.

In a few short years we’ve grown from a small and mighty team to a global force made up of the top game-changers in industrial cybersecurity. We now have dedicated field support teams and technical resources working out of Nozomi Networks offices in the United States, Australia, Brazil, Canada, Denmark, Germany, Italy, Netherlands, Portugal, Singapore, Spain, Switzerland, UAE and the UK. Over the last year, working with partners, customers and the ICS cybersecurity community, we’ve made tremendous progress. But, we’re just getting started. There’s much more to do.

As cybersecurity threats continue to grow in number and sophistication, Nozomi Networks will continue to grow our global reach to ensure we’re available to help industrial operators everywhere. We’re strengthening our research efforts and stepping up community collaboration. And, of course, we are continuing to innovate, working with customers and partners to expand our solutions to help make the critical infrastructure and industrial networks that run the world more secure.

We couldn’t be working on a more important cause, and we couldn’t be doing it with a better team.

If you’d like to see how our operational visibility and ICS cybersecurity solution can defend your organization, the Nozomi Networks team is here to help. To get started, simply contact us.